What is zero day?Isn't this a grey area - we know buffer overflows exist but that doesn't discount every new buffer overflow because "oh, we know about buffer overflows already". So therefore should we be discounting a new SQL vulnerability in Jon's Cat Blog? It seems odd to refer to that as an 0day, however.

What are the disadvantages of Tor?So you're proposing limiting SSH login to only allow it from Tor? I'm not quite sure how you'd implement that but even if it is possible what's the point? It would be far better/simpler to limit SSH login to your I.P address(es). Also, as anyone can use Tor you're not really restricting people from accessing it - just obscuring it a little